Extracted

• • Target

    2156-75-0x0000000000340000-0x00000000007BE000-memory.dmp

  • Size

    4.5MB

  • MD5

    1455a6bdc45b201e30221213246a1624

  • SHA1

    5febf81410ec14eae667443ee2b2094107f85459

  • SHA256

    38d2d524c4a8f07835d30c466af88a401354ee54b83428bceeb0d955d75cc5cb

  • SHA512

    0e746a6741785c30eae89b6808bc8f1e5deccc2304f38a7b026b6edafd49ad28c9365821863e273cc989b9d562a073a821e31fdf6a8708da3bde7d4df77fb29c

  • SSDEEP

    98304:Y4J85R1k5X1lxmszPdQqfzr+FT7RzXZWBRCl:hZlBJaT7biC

  Score

  10^/10

  redlinesectopratcheatdiscoveryinfostealerratspywarestealertrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2